Point-to-Point (PPP) Protocol is an excelent Layer 2 protocol used to establish a direct connection between two nodes. It can provide connection authentication, transmission encryption (using ECP, RFC 1968), and compression.

PPP was designed somewhat after the original HDLC specifications. The designers of PPP included many additional features that had been seen only in proprietary data-link protocols up to that time. PPP is used over many types of physical networks including serial cable, phone line, trunk line, cellular telephone, specialized radio links, and fiber optic links such as SONET. PPP is also used over Internet access connections. ISP's have used PPP for customer dial-up access to the Internet, since IP packets cannot be transmitted over a modem line on their own, without some data link protocol. Two derivatives of PPP, Point-to-Point Protocol over Ethernet (PPPoE) and Point-to-Point Protocol over ATM (PPPoA), are used most commonly by ISP's to establish a Digital Subscriber Line (DSL) Internet service connection with customers.

PPP is commonly used as a data link layer protocol for connection over synchronous and asynchronous circuits, where it has largely superseded the older Serial Line Internet Protocol (SLIP) and telephone company mandated standards (such as Link Access Protocol, Balanced (LAPB) in the X.25 protocol suite). The only requirement for PPP is that the circuit provided be full duplex.

Configuration of PPP

Assuming you are already in configuration mode, get to the interface configuration mode on the interface you want to run PPP on and and issue the following command:

Cell_Router(config-if)#encapsulation ppp

Adding Authentication

If you want to configure authentication (which is almost always the case), go through the following steps:

1. Choose the authentication type; Password Authentication Protocol (PAP), or Challenge Handshake Authentication Protocol (CHAP).  You can use one or the other or both.

Cell_Router(config-if)#ppp authentication XXX

where XXX is the authentication type which can be: pap, chap, pap chap, or chap pap. The last two choices are to use the other authentication type when the first one fails.

CHAP is strongly recommended over PAP for two reasons. First, PAP sends the username and password in plaintext, while CHAP sends hashed challenges only. Second is that CHAP does an operation similar to periodic re-authentication in the middle of the communication session such that it provides more security than PAP.

2. Set a username and a password that the remote router would use to connect to your local router. You can define many username-password pairs for many PPP connections to the same router.

Cell_Router(config)#username USER password PASS

where USER is the host name of the remote router, and PASS is its password. Issue this command once for each PPP connection. For example if you are connecting RouterA to RouterB and RouterC, on RouterA issue this command once for each remote router.

3. Now you can set the username and password that you local router would use to access the remote router. For PAP authentication, you can specify the username and password that the local router will send to the remote router for authentication using the following command,

Cell_Router_Local(config-if)#ppp pap sent-username USER passwrod PASS

For CHAP, two commands are used,

Cell_Router_Local(config-if)#ppp chap hostname USER

Cell_Router_Local(config-if)#ppp chap password PASS

The usernames and passwords are case sensitive, so be careful when writing them. This way, you will have to write the hostname and secret password of the remote router in your local router and write the hostname and secret password of your local router into your remote using the 'username' command.

If you do not set the username and password that will be sent from the local router to the remote router for authentication, the router will use its hostname and secret password instead.

Monitoring and Adjusting the PPP Link

You can monitor the quality of the serial link that is using PPP with the following command,

Cell_Router(config-if)#ppp quality PERCENT

where PERCENT is the minimum accepted link quality. If the link quality drops below PERCENT, the link will be shutdown and considered bad.

If the available bandwidth is small, you might consider compressing the data being transmitted using the following command,

Cell_Router(config-if)#ppp compress YYY

where YYY is the compression type which can be predictor or stacker.

Note: The compression might affect the system performance because it increases the CPU load. Check the CPU load with ‘show process cpu’ and disable the compression if the CPU load is over 65%.

To troubleshoot PPP, you can use the following commands,

Cell_Router#debug ppp negotioations

Cell_Router#debug ppp packets

Cell_Router#debug ppp errors

Cell_Router#debug ppp authentication


We hope this helps you begin to understand and configure PPP.

Comments powered by CComment

Did you learn something?
Did I save you time? 

Buy me a coffeeBuy me a coffee!